Safety vulnerability ID: 66885
The information on this page was manually curated by our Cybersecurity Intelligence Team.
A SQL injection vulnerability exists in specified versions of Frappe, used by ERPNext, specifically within the frappe.share.get_users function. This vulnerability allows remote authenticated users to execute arbitrary SQL commands through manipulation of the 'fields' parameter.
Latest version: 0.0.1
Frappe placeholder package
This vulnerability has no description
Scan your Python project for dependency vulnerabilities in two minutes
Scan your application